1. Field
The present application relates generally to the operation of overlay networks, and more particularly, to methods and apparatus for reducing the effectiveness of chosen location attacks in a peer-to-peer overlay network.
2. Background
A network in which member nodes obtain services in the absence of server-based infrastructure is referred to herein as a “peer-to-peer” overlay network. In a peer-to-peer overlay, peer nodes co-operate with each other both to provide services and to maintain the network. Peer-to-peer overlay networks can be built on top of an underlying network, such as a network utilizing the Internet Protocol (IP).
Distributed hash table (DHT) based peer-to-peer overlay networks use identifiers which are based on hashes of identifying information. Commonly the same hash-based mechanism is used to create both node identifiers and resource identifiers. If an unauthorized entity can choose a specific node identifier, they can either become a critical player in queries routed to a specific node or take control of a specific resource. Such activity is commonly referred to as a chosen location attack.
The traditional approach to solving chosen location attacks in DHT based networks is centralized enrollment of nodes. A centralized enrollment server charged with admitting nodes can ensure that the node identifiers provided are truly random. To mount a chosen location attack, the attacker must make a large number of attempts to join; discarding identifiers assigned which do not provide an attack vector. If the enrollment server requires proof of identity, it may be impossible to make a sufficient number of join attempts to mount an attack. However, utilizing a central enrollment server presents several problems. For example, the enrollment server has a large responsibility and therefore may need to have an uninterruptible power source to assure availability. Additionally, the enrollment server may require backups and special network servers. Furthermore, even if the enrollment server is operating properly, it may itself be compromised thereby compromising the operation of the entire overlay network.
Therefore, it is desirable to have a simple cost effective mechanism that operates to reduce the effectiveness of chosen location attacks in a peer-to-peer overlay network.